cve-2010-0423-00

Summary Smiley denial of service
Date 2010-02-18
CVE Number CVE-2010-0423
Discovered By Antti Hayrynen
Fixed In Release 2.6.6

Description

oCERT notified us about a problem in Pidgin, where a large amount of processing time will be used when inserting many smileys into an IM or chat window. This should not cause a crash, but Pidgin can become unusably slow.

Mitigation

A limit was added for the maximum number of smileys allowed in a conversation.

Looking to reach us via XMPP? Check out the new PidginChat service!